Learn Search

Search across all Learn content

← Back to Security Research
Patch Tuesday: Microsoft Security Bulletin Summary for September 2020

Patch Tuesday: Microsoft Security Bulletin Summary for September 2020

Microsoft Patch Tuesday September 2020 has released September Patch Tuesday security updates with a total release of 129 vulnerabilities, In which 23 are classified as Critical with Remote Code Execution(RCE) 105 are classified as important and 1 is classified as moderate that reside in the Microsof...

Sep 8, 2020By Vishesh S5 min read

Microsoft Patch Tuesday September 2020 has released September Patch Tuesday security updates with a total release of 129 vulnerabilities, In which 23 are classified as Critical with Remote Code Execution(RCE) 105 are classified as important and 1 is classified as moderate that reside in the Microsoft Windows, Microsoft Exchange Server, Internet Explorer (IE), Microsoft Edge (EdgeHTML-based and Chromium-based in IE Mode), ChakraCore, Visual Studio, Microsoft OneDrive, etc. This list of vulnerabilities were detected using a vulnerability management tool.

No zero-day vulnerabilities are reported and the bugs being patched were not publicly known or under active attack at the time of release.

Interesting Vulnerabilities :

Visual Studio Remote Code Execution Vulnerability | CVE-2020-16874 :
A Remote Code Execution(RCE) Vulnerability exists in Visual Studio, Manipulation with an unknown input leads to memory corruption. This vulnerability exists in multiple versions of Visual Studio dating back to 2012. To exploit the same, An Attacker has to convince the user to open a specially crafted file using an affected version of the software.

  • Successful exploitation of the vulnerability could run arbitrary code in the context of the current user and gain the ability to install programs; view, change, or delete data; or create new accounts with full user rights. Users with administrative rights are highly impacted as compared to users having fewer rights.

Microsoft Exchange Server Remote Code Execution Vulnerability | CVE-2020-16875 :
A Remote Code Execution(RCE) vulnerability exists in Microsoft Exchange Server when it fails to properly validate cmdlet arguments. To exploit the vulnerability, an attacker can send a specially crafted email to the vulnerable Microsoft Exchange Server which will lead to memory corruption. Exploitation requires an authenticated user in a certain Exchange role to be compromised.

  • Successful exploitation of the vulnerability could allow an attacker to execute code as SYSTEM. It islikely to see this one in the wild soon.

Microsoft SharePoint Remote Code Execution Vulnerability | CVE-2020-1210 :
A Remote Code Execution(RCE) vulnerability exists in Microsoft SharePoint due to failure to check the source markup of an application package. To exploit this vulnerability, an attacker needs to be able to upload a SharePoint Application package to a vulnerable SharePoint.

  • Successful exploitation of the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint Server farm account.

GDI+ Remote Code Execution Vulnerability | CVE-2020-1285 :
A Remote Code Execution(RCE) vulnerability exists in Windows Graphic Device Interface due to failure in handling the objects in memory. There are two attack scenarios by which vulnerability can be exploited.

  • In a web-based attack scenario, An attacker can host a website that is specially designed to exploit this vulnerability and then convince users to visit the website. An attacker can not force a user to view an attacker-controlled site. Instead, An attacker has to trick the user to take action by getting them to open an email attachment or click a link.
  • In a file-sharing attack scenario, An attacker has to trick a user to open a specially crafted file designed to exploit the vulnerability.
  • Successful exploitation of the vulnerability could run arbitrary code and gains the ability to install programs; view, change, or delete data; or create new accounts with full user rights.

Microsoft Windows Codecs Library Remote Code Execution Vulnerability | CVE-2020-1129 :
A Remote Code Execution(RCE) Vulnerability exists in Microsoft Windows Codecs Library which is used by multiple applications and can affect a wide range of programs. The flaw exists within the parsing of HEVC streams, A crafted HEVC stream in a file can trigger an overflow of a fixed-length stack-based buffer. To exploit the vulnerability, An attacker has to trick the affected user to view a specially crafted image.

  • Successful exploitation of the vulnerability could run the code on the affected system and could also obtain the information to further compromise the target.

Microsoft Security Bulletin Summary for September 2020:

  • Microsoft Windows
  • Microsoft Edge (EdgeHTML-based)
  • Microsoft ChakraCore
  • Internet Explorer
  • Microsoft Office and Microsoft Office Services and Web Apps
  • Visual Studio
  • Microsoft Dynamics
  • Microsoft Exchange Server
  • SQL Server
  • ASP.NET

Product: Microsoft WindowsCVEs/Advisory: CVE-2020-0908, CVE-2020-0922, CVE-2020-0997, CVE-2020-1129, CVE-2020-1252, CVE-2020-1285, CVE-2020-1319, CVE-2020-1508, CVE-2020-1593Impact: Denial of Service, Elevation of Privilege, Information Disclosure, Remote Code Execution, Security Feature Bypass, SpoofingSeverity: CriticalKBs:4570333, 4571756, 4574727, 4577015, 4577032, 4577038, 4577041, 4577048, 4577049, 4577066, 4577071

Product: Microsoft Edge (EdgeHTML-based)CVEs/Advisory:CVE-2020-0878, CVE-2020-1057, CVE-2020-1172Impact: Elevation of Privilege, Remote Code Execution, Spoofing, Information DisclosureSeverity: CriticalKBs:4570333,4571756,4574727,4577015,4577032,4577041,4577049

Product: ChakraCoreCVEs/Advisory:CVE-2020-0878, CVE-2020-1057, CVE-2020-1172Impact: Remote Code ExecutionSeverity: Critical

Product: Internet ExplorerCVEs/Advisory: CVE-2020-0878Impact: Remote Code ExecutionSeverity: CriticalKBs: 4570333, 4571756, 4574727, 4577010, 4577015, 4577032, 4577041, 4577049, 4577051, 4577066

Product: Microsoft Office and AppsCVEs/Advisory: CVE-2020-1200, CVE-2020-1210, CVE-2020-1452, CVE-2020-1453, CVE-2020-1460, CVE-2020-1576, CVE-2020-1595Impact: Information Disclosure, Remote Code Execution, SpoofingSeverity: CriticalKBs: 3101523, 4484480, 4484488, 4484504, 4484505, 4484506, 4484512, 4484515, 4484525, 4486664, 4486667

Product: Visual Studio CodeCVEs/Advisory:CVE-2020-16881Impact: Remote Code ExecutionSeverity: Important

Product: Microsoft DynamicsCVEs/Advisory:CVE-2020-16862, CVE-2020-16857, CVE-2020-16860Impact: SpoofingSeverity: CriticalKBs:4574742

Product: ASP .NETCVEs/Advisory:CVE-2020-1045Impact: Security Feature BypassSeverity: Important

Product: SQL ServerCVEs/Advisory:CVE-2020-1044Impact: Security Feature BypassSeverity: Moderate

Product: Microsoft Exchange ServerCVEs/Advisory: CVE-2020-16875Impact: Remote Code ExecutionSeverity: CriticalKBs: 4577352

SanerNow detects this vulnerability and automatically fixes it by applying security updates. Download SanerNow and keep your systems updated and secure.

Patch Tuesday: Microsoft Security Bulletin Summary for September 2020 | SecPod